yes, yes, it's an editorial - i just want to put the subject out there, and see what people think. from here:

Quote:

August 21, 2006
Editorial
Enter Search Term Here, Forever

When people search the Internet in their homes, it feels like a private activity. But as AOL reminded the world this month, when it made public 19 million search queries by customers, companies often store searches in ways that allow them to be traced back to specific users. The storing and sharing of data of this kind is a violation of users’ privacy rights. Congress, the Federal Trade Commission and the companies should do more to protect these rights.

When people talk on the phone, they assume that the words they utter will disappear when the call is over. They certainly do not expect that their phone company is recording and storing the words, to mine for commercial purposes or to sell to other companies. People have the same expectation about the Internet searches they do: when the search is over, the words they used will disappear.

But that is not how search engine companies are treating the data. Google and other companies store search information indefinitely, and once the data is stored it can easily get out. The companies may sell it to third parties. They may be forced to hand it over in response to a subpoena. Or employees at the companies can leak the information.

People often include information in their Internet searches that they do not want to share with the world. They may be searching for information about topics like cancer or spousal abuse, or looking for sex or gambling Web sites. They may be looking for organizations that are critical of the government.

There should be strong safeguards in place to prevent search engine companies from storing and using this data. The Bush administration, however, has been pushing in the opposite direction. Earlier this year, Attorney General Alberto Gonzales urged Internet companies to keep user data for long periods to help law enforcement.

Congress should step in. Search data is arguably protected by existing privacy laws, but Congress should pass new legislation that removes any doubt. Representative Edward Markey, Democrat of Massachusetts, has introduced a bill to prohibit Internet companies from warehousing personal data, including search queries. It is a good start, but it still gives companies too much leeway to keep data. The bill should be strengthened and passed.

The F.T.C. should also do more. The Electronic Frontier Foundation has filed a complaint against AOL, arguing that the recent well-publicized release of search data from 600,000 AOL customers was a deceptive trade practice. The F.T.C. should uphold the complaint, and send a clear message that invasions of privacy of this sort will be punished.

Whatever the government does, the companies themselves should be acting more responsibly. People who use the Internet have a right to expect privacy. If companies do not have their users’ affirmative consent to keep data, they should delete it, and make money from the many other, very profitable parts of the search engine business.

when i think of all the off-the-wall things i search for....among them, things relating to the day's news. so i've done searches for hezbollah, al qaeda, liquid explosives, airplane carry-on regulations......so if i suddenly drop out of sight, you all will know which part of the government dragged me away._________________aka: neverscared!

i've always operated on the theory that the internet, by nature is insecure. we can do things to make it more secure, but we can't make it completely, 100% secure. therefore, if i don't want another person, the general public or the government to know about it or study it or archive it, IT DOESN'T GO ON THE INTERNET._________________On TwitterD.C. Live Tracks

If any business feels enough people are concerned about the privacy issues, they could easily create their own search engine, advertising specifically that they do NOT collect/share/sell their users' personal or search information, pointing out that Google/whoever does. Ding! Problem solved.

Of course, this does nothing to prevent tracking by parties other than the search engines; for example, most hosting companies allow their clients to see the referring URL that brought people to their page. This often leads to humorous results; cookies often work improperly, resulting in miscommunicated referring URLs. At work, where I see the referral information for hundreds/thousands of customers a day, there are always at least a handful that make me laugh, and occasionally one or two that really weird me out ("how+to+rape" "United+States+tax+evasion" "incest+pictures" etc.).

And legislating that is impossible. Every website I build comes with a standard TOU disclaimer: "(Company) collects private user data for marketing and security reasons. (Company) does not share or sell this information to third parties except where required by law, etc., etc...." By using that website, you are agreeing to the TOU, period. The same way you agree to your ISP's TOU, your cell phone provider's TOU, etc. The limited number of available options for the latter two examples makes control & legislation plausible; the immeasurably wide spread of websites on the internet makes control & legislation impossible.

This isn't the fault of the website & search engine owners. At some point, a bunch of people just arbitrarily decided that one's web searches ought to be private and are now acting shocked and appalled that this isn't the case. Other than being yet another example of irresponsible consumerism, I don't see how this is something that requires legislation. Free market economics nips this one in the bud, if anyone has any brains.

i've always operated on the theory that the internet, by nature is insecure. we can do things to make it more secure, but we can't make it completely, 100% secure.

well, yes. but we're talking about thieves and hackers, generally, when we agree on that.

companies operating businesses that actively pursue means to gain access to personal information that has not been attained by explicit and/or constitutional means should be treated as one or both of the above.

i've always operated on the theory that the internet, by nature is insecure. we can do things to make it more secure, but we can't make it completely, 100% secure.

well, yes. but we're talking about thieves and hackers, generally, when we agree on that.

companies operating businesses that actively pursue means to gain access to personal information that has not been attained by explicit and/or constitutional means should be treated as one or both of the above.

Why should companies be viewed as thieves for taking and using what you readily make available to them?

Joined: 09 Jul 2006Posts: 9702Location: I have to be somewhere? ::runs around frantically::

Posted: Tue Aug 22, 2006 3:22 am Post subject:

Consumers due just that: buy stuff. It isn't like they can just stop buying stuff when companies decide to take advantage of them. Companies must be monitored and regulated because of what they control. Seriously, let us assume that Google decides to sell your searches. And Yahoo. And MSN. And Alta Vista. How are you going to search the internet properly? Okay, non internet: let's assume that Kroger decides that it is going to track your purchases. All of them (for health reasons of course). Walmart jumps in. So does Target and Country Mart. If you don't want your purchases tracked, where are you going to eat?

This isn't consumer ignorance, this is businesses taking advantage of they power that they have been given in good confidence. Consumers can't help but give out their information without becoming a hermit. Businesses have a responsibility to use it for the consumer's good and not just for their own profit._________________Before God created Las he pondered on all the aspects a woman might have, he considered which ones would look good super-inflated and which ones to leave alone.
After much deliberation he gave her a giant comfort zone. - Michael

i've always operated on the theory that the internet, by nature is insecure. we can do things to make it more secure, but we can't make it completely, 100% secure.

well, yes. but we're talking about thieves and hackers, generally, when we agree on that.

companies operating businesses that actively pursue means to gain access to personal information that has not been attained by explicit and/or constitutional means should be treated as one or both of the above.

Why should companies be viewed as thieves for taking and using what you readily make available to them?

The fault is consumer ignorance, not corporate evil.

WHY?

because "available" (and "readily" is a matter of pure legality, which is why I mentioned "actively", which you may have missed), does not free them from the bonds of permission and, in its absense, the constitution.

i've always operated on the theory that the internet, by nature is insecure. we can do things to make it more secure, but we can't make it completely, 100% secure.

well, yes. but we're talking about thieves and hackers, generally, when we agree on that.

companies operating businesses that actively pursue means to gain access to personal information that has not been attained by explicit and/or constitutional means should be treated as one or both of the above.

Why should companies be viewed as thieves for taking and using what you readily make available to them?

The fault is consumer ignorance, not corporate evil.

WHY?

because "available" (and "readily" is a matter of pure legality, which is why I mentioned "actively", which you may have missed), does not free them from the bonds of permission and, in its absense, the constitution.

that's why.

And... did you read the Terms of Service and Privacy Policy before using Google?

Really, that stuff is there for a *reason* and you agree to their terms of service by using their FREE services.

1: they're HUGE. They have the capacity and know-how to incorporate data from your searches, your email, your froogle-searches (i.e. what you buy), news-group postings, coding projects, surfing habits (through their site-stat and ad-sense programs) and all their other projects. That's a liability in itself.

2 Their states mission goal is to 'Make information available'.

Then again their mission statement is 'Do no evil' (go go Google China!) and they're smarter than risking a publicity backlash.

And... did you read the Terms of Service and Privacy Policy before using Google?

Really, that stuff is there for a *reason* and you agree to their terms of service by using their FREE services.

you mean the one that requires no active consent and amounts to an unsigned contract?

I continue to boggle that you somehow feel that the law (or, for that matter, the constitution) implies that a person or corporate entity requires your explicit consent to collect, use or distribute information you make readily available to them.

You're going to have to point to specific laws (or, barring that, specific court cases regarding relevant constitutional interpretation) that say or even imply that the above is illegal. Further, it's worth noting that simply by entering a website, you are digitally signing away your rights according to their TOU, the same way you sign away certain rights when you walk into a privately owned business, whether you were aware of them or not. If you shop at Target, you give them the right to search and seizure. You give them the right to use force to detain you. You give them these rights when you walk through their doors, and they do not need to tell you about it until it becomes applicable. This has been upheld repeatedly in court; I will reference specific cases if you'd like.

if you're suggesting that target is allowed to rifle through your wallet and attach your credit history, driver's license id and ssn directly to an itemized list of your purchases while you are paying with cash then, yes, please, a list of such cases would well be in order.

if you're suggesting that target is allowed to rifle through your wallet and attach your credit history, driver's license id and ssn directly to an itemized list of your purchases while you are paying with cash then, yes, please, a list of such cases would well be in order.

otherwise, i don't see the comparison as applicable.

IP, search terms, order history, click-thru origination, etc. are not comparable to credit history, SSN, bank account numbers, etc.; to suggest otherwise is obtuse at best. The point of the comparison is that in utilizing a store or service, you are waiving certain rights, and the company in question is not obligated to warn you or secure your explicit consent beforehand.

Joined: 09 Jul 2006Posts: 9702Location: I have to be somewhere? ::runs around frantically::

Posted: Tue Aug 22, 2006 8:52 pm Post subject:

But you can go to other stores than Target. You can't go to places on the internet without search engines. If the data can be linked back to a specific person, it shouldn't be kept without explicit agreements. If it is decided that the keeping of data is okay, it needs to never be touched by anything/one who can use it to hurt the browser. The data would have to stay nameless._________________Before God created Las he pondered on all the aspects a woman might have, he considered which ones would look good super-inflated and which ones to leave alone.
After much deliberation he gave her a giant comfort zone. - Michael